0% found this document useful (0 votes)
46 views37 pages

11-23-Juniper Tech Disti All Hands-Cs

Uploaded by

AKIRA KENSHI
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
0% found this document useful (0 votes)
46 views37 pages

11-23-Juniper Tech Disti All Hands-Cs

Uploaded by

AKIRA KENSHI
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 37

Juniper Technical Distribution All Hands

Angelo Balaara – EMEA Distributor Sales Engineer


Nov 2023

1
© 2022 Juniper Networks
Juniper Business Use Only
Agenda
• Events & activities
• Mist & Cradlepoint
• New SRXs
• JSE
• APSTRA 4.2.0
• Other Updates
• Q&A

2
© 2022 Juniper Networks
Juniper Business Use Only
ACTIVITIES AND
EVENTS

3
© 2022 Juniper Networks
Juniper Business Use Only
Activities and Events
Date Time (CET) Type Champion Points Event Name

Cohesion Event
Nov 28, 2023 2:00 PM (Virtual) 200 EMEA Partner Tech Club - Webinar #1

Cohesion Event
Nov 30, 2023 11:00 AM (Virtual) 200 EMEA Partner Tech Club - Webinar #2

Cohesion Event Did you know?- Juniper Datacenter Technical Resources


Dec 5, 2023 11:00 PM 125
(Virtual) and more...
Cohesion Event
Converged Optical Routing Architecture and Coherent
Dec 5, 2023 4:00 PM (Virtual) 125
Optics Update

Lab Session /
Dec 20, 2023 9:00 AM 250 Security Director Cloud Hands-On Workshop
Workshop

4
© 2022 Juniper Networks
Juniper Business Use Only
Juniper Mist & CradlePoint

5
© 2022 Juniper Networks
Juniper Business Use Only
Juniper, Cradlepoint AI-Driven Enterprise
Virtual Network

Marvis Actions
Assistant
AI-Driven Cloud Services

Marvis
• Proactive Network Insights & Remediations
• AI-driven Problem Solver
• All Encompassing Network Visibility
• Conversational Assistant

Maximize Uptime &


Business Continuity
WAN Diversity
Low Latency
Day One
Wi-Fi Premium User Asset IoT Wired WAN Connectivity
Assurance
W
NE
Assurance Analytics Engagement Tracking Assurance Assurance

Cradlepoint
Wireless Infrastructure Wired Infrastructure WAN Infrastructure

EX3400 EX4400
EX4600/4650

Mist Edge APs SRX


Session Smart
QFX 5110/5120 Routers
EX4300 EX2300

4G, LTE 5G
6
© 2022 Juniper Networks
Juniper Business Use Only
Juniper & Cradlepoint Wired & Wireless AI Driven Ops Journey
Marvis
What is wrong with
To Cloud
Client my enterprise WAN

Mist Imports from Cradlepoint


5G telemetry Device stats stream for 5G WAN
health, signal, activity, usage.

5G WAN
Internet SLE
backhaul
5G WAN Health
- SIM1,SIM2 Signal Quality
Juniper Full stack telemetry - WAN Uptime
SRX/128T
WAN Data usage
Private

Public

- usage type
- Application Degradation.

Marvis Actions
- Site on 5G backhaul
-5G WAN connectivity down
- Bad 5G Signal
- WAN Data usage threshold
breach

cradlepoint-sales@juniper.com
7
© 2022 Juniper Networks
Juniper Business Use Only
Valuable insights

• No need to WAN Assurance

• Just Need VNA sub

• Fully integrated

8
© 2022 Juniper Networks
Juniper Business Use Only
NEW SRXS

12
© 2022 Juniper Networks
Juniper Business Use Only
New Additions to the SRX Series Family
Compact, High-performance fixed form-factor firewall appliances

New
New New New New
New

SRX1600 SRX2300 SRX4300 SRX4700


7.5G NGFW 15G NGFW 45G NGFW 110G NGFW
5G IPsec 12G IPsec 30G IPsec 1.4T FW
90G IPsec PMI

High-Performance AI-Predictive Threat


Built-in Zero Trust EVPN-VXLAN
Prevention
• FW IMIX: 9Gbps to • Supply chain security • No need to break the • AI-generated custom
1.4Tbps • TPM 2.0 w/ tunnel and simpler signatures
Industry highest cryptographically signed config
• • Line-rate anti-malware
security efficacy Device ID • Better Together: performance
400GE interface Tamper-proof Juniper Security
• • • More customizable URL
support Director Cloud &
• Wirespeed MACsec filtering
NSX-T & Apstra
13
© 2022 Juniper Networks
Juniper Business Use Only
Juniper SRX Series Portfolio
Branch Campus & Scale-Out DC/Cloud/SP Scale-Up DC/Cloud/SP
New

SRX300
SRX1500
SRX1500 SRX1600
New
SRX320
SRX4100
SRX4100 SRX2300
New
SRX340 SRX5800
SRX4200

SRX4200 SRX4300
New
SRX5600
SRX345 New
ew
SRX4600
SRX5400
SRX4700
SRX380 SRX4600

Cloud Firewalls

vSRX cSRX Secure Edge Cyberratings Secure Edge 3-time Cybersecurity Channel 2-time Gartner Customer
”AAA” Rating “2022 Product of the Year” by CRN Champions by Canalys Choice for Network FWs
14
© 2022 Juniper Networks
Juniper Business Use Only
SRX1600 Target Release for Q4 2023

Fixed Entry Scale Firewall for Large Branch or Enterprise Edge

Use Cases
Ø Enterprise edge FW
Ø DC edge FW
Ø Roaming FW
Ø SD-WAN secure branch

Modular Interfaces Storage & Dimensions Projected Firewall Performance


Ø 1x 100G SSD Ø Firewall (IMIX) : 9G
Ø 16x 1G-T (Cu)
Ø Dual Power Supply (AC / DC) Ø NGFW: 7.5G
Ø 4x 1/10G (SFP+)
Ø Size: 1RU Ø IPsec VPN (IMIX) : 5G
Ø 2x 1/10/25G (SFP28)
Ø Front to Back Airflow Ø IPS Recommended : 8G
Ø 2 Dedicated HA Control Ports
(SFP) Ø FIPS 140-3, CC Ø NAT (IMIX) : 8G
Ø Dedicated OOB Mgmt (1xGE)
Ø MACsec supported on SFP ports
15
© 2022 Juniper Networks
Juniper Business Use Only
SRX2300 Target Release for Q4 2023

Fixed Medium Scale Firewall for Large Branch or Enterprise Edge


Use Cases
Ø Enterprise edge FW
Ø DC edge FW
Ø Roaming FW
Ø SD-WAN secure branch
Ø SD-WAN secure hub

Modular Interfaces Storage & Dimensions Projected Firewall Performance


Ø 8x 1/10G-T (Cu) Ø 1x 100G SSD Ø Firewall (IMIX) : 25G
Ø 8x 1/10G (SFP+) Ø 1x 200G SSD Ø NGFW : 15G
Ø 4x 1/10/25G (SFP28) Ø Dual Power Supply (AC / DC) Ø IPsec VPN (IMIX) : 12G
Ø 2x 40/100G (QSFP28) Ø Size: 1RU Ø IPS Recommended : 15G
Ø 2 Dedicated HA Control Ports Ø Front to Back Airflow Ø NAT (IMIX) : 25G
(SFP) Ø FIPS 140-3, CC
Ø Dedicated OOB Mgmt (1xGE)
Ø MACsec supported
16
© 2022 Juniper Networks
Juniper Business Use Only
SRX4300 Target Release for Q2 2024

Fixed Medium Scale Firewall for Enterprise Data Center

Use Cases
Ø Enterprise Edge FW
Ø Enterprise Core FW
Ø DC edge FW
Ø DC core FW
Ø Roaming FW
Ø SD-WAN secure hub

Modular Interfaces Storage & Dimensions Projected Firewall Performance


Ø 8x 1/10G-T (Cu) Ø 1x 100G SSD Ø Firewall (IMIX) : 50G
Ø 8x 1/10G (SFP+) Ø 1x 1TB SSD Ø NGFW : 45G
Ø 4x 1/10/25G (SFP28) Ø Dual Power Supply (AC / DC) Ø IPsec VPN (IMIX) : 30G
Ø 6x 40/100 G (QSFP28) Ø Size: 1RU Ø IPS Recommended : 45G
Ø 2 Dedicated HA Control Ports Ø Front to Back Airflow Ø NAT (IMIX) : 50G
(SFP) Ø FIPS 140-3, CC
Ø Dedicated OOB Mgmt (1xGE)
Ø MACsec supported

17
© 2022 Juniper Networks
Juniper Business Use Only
SRX4700 Planned for 2H2024
Fixed High-Performance Firewall for Data Center Edge and Core
Use Cases
Ø Enterprise Edge FW
Ø Enterprise Core FW
Ø DC edge FW
Ø DC core FW
Ø Security Gateway New

Ø CGNAT / Gi/N6 firewall


Ø Roaming FW
Ø SD-WAN secure hub

Interface options Storage & Dimensions Projected Firewall Performance


Ø 4 configurable modes: Ø 2x1TB or 1x1TB+1x2TB SSD Ø Firewall (IMIX) : 800G or 1.4T
Ø Dual Power Supply (AC / DC) Ø NGFW : 110G
Ø 2x400G + 4x100G + 4x50G OR
Ø Size: 1RU Ø IPsec VPN (IMIX) : 90G
Ø 2x400G + 2x100G + 8x50G OR Ø Front to Back Airflow Ø Inline IPsec (IMIX): 300G
Ø 12x100G + 4x50G (SFP56) OR Ø FIPS 140-3, CC Ø IPS Recommended : 150G
Ø 6x100G + 16x50G (SFP56) Ø NAT (IMIX) : 150G
Ø Dedicated OOB Mgmt (1G)
Ø MACsec on all ports
18
© 2022 Juniper Networks
Juniper Business Use Only
Built-in Zero Trust for Supply Chain Security

Trusted Platform Modules (TPM 2.0)& Secure ZTP


Device ID: Tamper-Proofing New security & routing platforms will come installed with a TPM
Platforms chip and Juniper certificates, as well as a secure ZTP system
• Prevent supply chain threats (hardware & software tampering)
• Establish trust when installing the system or upgrading the
firmware
• Quickly & securely onboard their firewalls and configure them
remotely - Secure ZTP
• Secure Boot

19
© 2022 Juniper Networks
Juniper Business Use Only
Security in EVPN-VxLAN Deployments
Simple policies that minimize complexity & misconfiguration

Benefits

Remove networking complexities


from security policies

Collapse DC edge security with SRX


while maintaining flexibility

Support multiple deployments with


shared services while maintaining
segmentation

Faster recovery times leading to


better resiliency

Security at scale with industry-leading


efficacy & performance

Simplified connectivity that advertises all VRFs from the DC fabric to an SRX using type-5 routes

20
© 2022 Juniper Networks
Juniper Business Use Only
SASE WITH
JUNIPER
SECURE
EDGE

21
© 2022 Juniper Networks
Juniper Business Use Only
Juniper SASE Protect Access

Single-vendor SASE
with continuous security, common config,
common policy & complete visibility

Juniper
AI-driven SD-WAN Secure Edge
Marvis Virtual Assistant

Full-stack branch operations FWaaS Data Security


Identity &
Advanced AI & ML SWG Access Control
Intrusion Prevention
Session Smart networking CASB
Antimalware
Zero Trust DLP
Threat Intelligence
Segmentation ZTNA Secure Web Access

22
© 2022 Juniper Networks
Juniper Business Use Only
SASE Model: Thin Branch and Heavy Cloud
Driven by apps / workloads moving to the Cloud
Branch Connectivity Thin Heavy
and Security Branch Cloud
• Rise of SD-WAN adoption
Enter Secure SD-WAN Enter cloud-delivered security
• But SD-WAN alone no longer sufficient
• SD-WAN • More use cases: on prem &
• Branch security now a must-have
• FW plus perhaps roaming users; Internet &
• IDS/IPS private access; etc.
• WAN opt • More security services
• More dynamic, elastic scaling

Heavy SD-WAN FWaaS

Branch Router FW SWG

FW … CASB
Deploying entire security
stack in every branch not IPS DLP
possible / feasible SWG Threat
• Financially VPN ZTNA
• Operationally
DLP IPS
… …

WAN Edge Security Service Edge


26
© 2022 Juniper Networks
Juniper Business Use Only
Juniper Secure Edge Overview
Cloud Delivered Security
• Security Director Cloud for full visibility
across on prem and cloud
Visibility • Sanctioned & unsanctioned cloud apps,
SaaS posture, …

Internet / Web Cloud Apps (SaaS) Public Cloud (IaaS)


• Inline and out-of-band enforcement
• Unified policy across
APIs
Access
• Environments: on prem (SRX), cloud
Control (Secure Edge, ATP)
• Services: FWaaS, SWG, IPS, etc.
Juniper Secure Edge
Private Cloud /
Risk Location FWaaS SWG CASB Data Center • Fully integrated with ATP Cloud
ZTNA ATP DLP
Threat • Threat feeds
IdP
DNS IPS


SSPM
Prevention • DNS security, sandboxing, Encrypted
MDM
Traffic Insights
Sources of Context

• For data in motion and at rest


Data • Content filtering
Protection • DLP
Mobile User Office / Branch
• Cloud data discovery

27
© 2022 Juniper Networks
Juniper Business Use Only
Thin Branch
• Small enterprises (<100 users)
Target • Mid to large enterprises (100+ users)
Customers • Mostly on prem users
• Mix of on prem and cloud apps

Internet / Web SSR


Cloud Apps (SaaS) Public Cloud (IaaS)

Target • Branch WAN connectivity


Use Cases • Branch security
SSR

Private Cloud / SSR-P1 SSR-P2


Data Center

Core •

SD-WAN
FW


SD-WAN
FW
Services • IDS/IPS
Legend
• URLF

SD-WAN

SSR
FW
SSR Service
IDS/IPS
Models & • Box-based pricing
Pricing
URLF
Office/Branch

over SD-WAN
DIA

28
© 2022 Juniper Networks
Juniper Business Use Only
Differentiators

Costumer can
Dedicated
Full-stack SASE leverage Dynamic user
Security
solution existing segmentation
Instances
investments

30
© 2022 Juniper Networks
Juniper Business Use Only
Juniper SASE Licensing
Small Enterprises Mid-to-Large Enterprises
(<100 users) (100+ users)
Branch Security Advanced Branch Security Branch & Cloud Security
Base Feature
(SSR-P1) (SSR-P2) (SSR-P1+JSEC-A)

• SD-WAN 🟢 🟢 🟢

• On Premises Firewall 🟢 🟢 🟢

• URL Filtering 🔴 🟢 🟩

• Intrusion Detection and Prevention (IDS/IPS) 🔴 🟢 🟩

• Cloud NGFW (FWaaS) 🔴 🔴 🟩

• Application Visibility and Control 🔴 🔴 🟩

• Secure Web Gateway 🔴 🔴 🟩

• DNS Security 🔴 🔴 🟩

• Advanced Threat Protection 🔴 🔴 🟩

Add-On

• Secure remote access (SRX+VPN) 🟩 🟩 🟩

• SaaS security (CASB, DLP, SSPM) 🟩 🟩 🟩

🟢 Per box subscription


33
© 2022🟩 Per user
Juniper Networks subscription
Juniper Business Use Only
Juniper Secure Edge Licensing
S-JSEC-S1-Cx-x S-JSEC-A1-Cx-x

Pay-As-You-Grow Feature Standard Advanced


• SKUs based on # of users Secure Web Access X X
(TLS proxy and inspection)
• Minimum 200 users (Class 1: 200-2499 users)
URL Filtering X X
• No max user limit (Class 4: 50,000+ users)
• SKU tier bundles – Easy to buy, easy to use Content Filtering X X
• Standard: FWaaS + Secure web access Identity/User FW X X
• Advanced: All Standard features + IPS & ATP Cloud
Application Control X X
• Includes license for Security Director Cloud
Threat Feeds X X
• Includes support
Antimalware X X
• Includes 2 cloud service locations (POPs)
• Subscription terms: 1 & 3 years
DNS Filtering X X
DNS Security X
IPS X
Add-on Flexibility
Malware Sandboxing X
• Additional service locations (POPs)
• More log storage Encrypted Traffic Insights X
Out-of-band CASB-DLP Add-On Add-On
34
© 2022 Juniper Networks
Juniper Business Use Only
ASPTRA 4.2.0

35
© 2022 Juniper Networks
Juniper Business Use Only
ENHANCHEMENTS
UI-Based Reference
UI/UX Operations
ZTP Design

Developer
IBA Telemetry Platform
Experience

New NOSs,
DPs,
Upgrade

36
© 2022 Juniper Networks
Juniper Business Use Only
Released in 4.2.0
Discover the full list of new features grouped per theme in the next slides!

Validated Network Reference Designs User Experience


• Integrated Data Center Interconnect: VXLAN • GUI UX Enhancements and Streamlined Workflows
Stitching
• Developer Experience Enhancements
• Adding MAC-VRF support for Junos
• Apstra ZTP GUI
• Intelligently Render VRF/RZ

Operations Platform & Multi-Vendor


• ACX7024, vJunos-switch, and vJunosEvolved
• Apstra Central: UI prototype
• Up-To-Date NOS Qualification
• Custom Telemetry Collection
• Continued Multi-Vendor Investment and improving
• Automatic Baselining and Trend Analysis
EVPN interoperability

• FIPS Certification

37
© 2022 Juniper Networks
Juniper Business Use Only
APSTRA 4.2.0 on Learning accedemy

https://jpartnertraining.juniper.net/new/ui/learner#/update/1712465338830578996?se
ries=1527386935050096231

38
© 2022 Juniper Networks
Juniper Business Use Only
Upgrade Path to 4.2.0
Cannot upgrade directly (In-Place) to 4.2.0
Use VM-to-VM

IMPORTANT!
Before upgrading the Apstra server, ensure that all Apstra-managed
devices are running a supported version for your release. Upgrade or
downgrade the device operating systems to one of the supported versions
before upgrading the server.

39
© 2022 Juniper Networks
Juniper Business Use Only
OTHER UPDATES

40
© 2022 Juniper Networks
Juniper Business Use Only
QFX10K/10K2 EOL Revoked

41
© 2022 Juniper Networks
Juniper Business Use Only
JSD Cloud is Now Available on the AWS
Marketplace!

42
© 2022 Juniper Networks
Juniper Business Use Only
TECH SUMMIT SLIDES

Slides are now available in learning academy


Link: Learning Academy

43
© 2022 Juniper Networks
Juniper Business Use Only
We Launched a new Co2 Calculator for the Field
& costumer*

*Power Calculator being extended with additional products throughout 2023

44
© 2022 Juniper Networks
Juniper Business Use Only
Q&A

45
© 2022 Juniper Networks
Juniper Business Use Only
46
© 2022 Juniper Networks
Juniper Business Use Only

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy